Reported January 28, 2002, by Internet Security Systems.

VERSIONS AFFECTED

  • Snort Intrusion Detection System for all platforms with 1.8.3 and earlier

 

DESCRIPTION
A remote Denial of Service (DoS) condition exists in the open-source Intrusion Detection System (IDS) Snort. An attacker can use specially crafted Internet Control Message Protocol (ICMP) echo and echo-reply packets with less than 5 bytes of ICMP data to remotely crash the system.

 

VENDOR RESPONSE

Snort recommends that affected users apply the available patch and recompile the binaries or download the latest version (build 90 or better) from their CVS tree.

 

CREDIT
Discovered by Sinbad.